Difference between revisions of "Federated Ecosystem"

Latest revision as of 18:25, 24 May 2019

Full Title or Meme

A sub-set of sentient and non-sentient components that interact among themselves to increase the information content of the local environment.

Context

• The most current paradigm for digital Ecosystems is the internet taken together with the definitions and components maintained by ICANN, for example the Domain Name System which servers as the root for all URLs used on the internet and as the basis for Web Site Identity.
  • As originally envisioned the URL obtained with a name lookup that started with the ICAN root server would result in an Identifier in ASCII that was human-readable.
  • As the internet expanded beyond its original basis in ARPANET, the new languages and cultures turned to the Identifiers returned by the name lookup into something that was easy to spoof.^[1]
• The domain name was defined to be extensible, for example endpoint.company.com can be converted to an IP address by the following steps:

1. ICANN root server will provided a link to the .com domain, which can be considered as a federation of business sites.
2. .com name server will provide a link to the company.com domain which gets an Enterprise server which hosts a collection of servers controlled by the Enterprise.
3. company.com server will provide a link to one particular server (perhaps one of many) that can services a request.
4. endpoint.company.com can initiate further navigation based on the contents of the URL as needed by the company's own DNS resolution service.

• Other efforts to create a globally unique naming scheme are the CCITT X.400 names and the DOI document names. Neither are curated in any meaningful way.
• There are (at least) two ways to look at a Federated Ecosystem:

1. This page is primarily about open Web Sites including: Relying Party, Identifier or Attribute Provider and Trusted Third Party.
2. The NIST Public Working Group on Federated Cloud (PWGFC) includes the User which is appropriate for closed systems, like citizens of a country, or employees of a company

Problems

So how can a User know enough about a Web Site to make a trust decision about it.

• As noted above^[1] the URL has failed in its goal to be human-readable as it was pulled in other directions.
• Google has tried multiple times to replace the URL with some other Identifier^[2] without much success.
• Google is exploring yet other methods to replace the URL^[3] which makes this a very auspicious time to look at a federated Trust model.

Should Everyone have Equal Access

• It has been an article of faith among the internet partisans that the internet was a unique opportunity to give everyone an equal voice.
• It now seems clear that the real-word decision is -- NO, not everyone deserves an equal voice, some voices are just too hate-filled and violence provoking.^[4]
• In the business world arbiters of Trust have evolved like E-Bay and Angie's list that seek to rate business based on crowd-sourcing of recommendations.
• All metrics for Trust are susceptible to manipulation by businesses, both well-meaning and outright fraud.
• Hiding of the metrics for Trust engender fear, for example Google has been fined and called to account by governments around the world over its search alorithms.^[5]
• The inescapable decision seems to be that publicly accessible, Validated Identifiers are required for a safe experience on the web.

How have Businesses been Rated in the Real-World

• Dun and Bradstreet have been rating the creditworthiness of businesses since 1800's and stabled the DUNS number in 1963, anyone can ask for one.
• The International Suppliers Network is a system which logs and tracks vendors. Major companies such as General Motors often use the ISN to establish the "trustworthy" status of a new vendor. The ISN also allows companies to import a validated version of a vendor's details directly into their own procurement system.
• The CAGE code is required for doing business with the US Government agencies like the DoD as well as NATO members.
• DBAs (doing business as) create a special problem as they are the branding of the service as opposed to the legal entity offering the service.
  • And it is the Brand that is known and trusted by consumers. No consumer would desire to by groceries from Mondelēz International, but they all do.
  • Brands have legal status, often international legal status. The problem with using brands is the high barrier to entry that it would place on new businesses.

How have Web Sites been Rated so far

• The Google Chrome browser started the effort to force all web sites to have a TLS Cert and encrypted channel to be judged safe. That is working fairly well.
• EV Certs were established with a view to solve this problem, but have failed for reason noted on that page.
• DNS take-downs have been a regular feature of the internet since at least 2013 when Microsoft blocked an entire NDS server ^[6]

Solutions

• A Federated Ecosystem considers how to partition the solution into federations using the existing paradigm of the DNS, but starting from a source of Trust and maintaining that Trust as the federation Evolves.
• Unlike the priorities for the original ARPANET, we consider the primary purpose to be a Trusted Identity in Cyberspace.
• As a working hypothesis we will consider the use case where the federation creates Identifiers based on a new secure schema, it is to be expected that other use cases will be considered before a final paradigm shift is established to a fully Federated Ecosystem.

1. The root of trust is a singleton, all federations must accept the baseline functional requirements.
2. A variety of trust frameworks, or trust profiles, can be established, the base one is the self-assessment criteria.
3. It is possible that further branching can occur after the first.

User Trust Principles

• The User must be able to set a level of Assurance that any site proffered, either on search, or on some other Web Site will meet that Assurance level. (eg. COPPA sites only)
  • The Privacy expectations should be part of that assurance, for example is Do Not Track honored.
• The user must be able to search for a named Entity's Web Site in a manner that will provide only relevant assured links and not links to competitors or malicious sites.

Web Site Trust Principles

• Relying Parties that host a collection of controlled Resources will have assurance levels set for each Resource, lets look as some use cases:
  • Resource A is fine with the BFR self assessment that states the intent of IAP of the user is to be in conformance, perhaps to schedule an office visit.
  • Resource B requires that the IAP of the user is in health care conformance as it is User Private Information.
    • If the Claims from the user are insufficient, the Relying Party should have the obligation to inform the user how to acquire the needed claims.

Trust Hierarchy

The following is a hypothetical trust hierarchy for the health care framework (profile). Each descendant branch is limited by all of the frameworks above it. In other words, the limitations on the Entity only get more stringent.

1. Baseline Functional Requirements with self-assessment.
   1. Baseline Functional Requirements with certified audit.
   2. United States Health care framework.
      1. Hospitals
         1. ER
         2. Psyciatric
      2. Individuals
         1. First Responders on active duty
         2. Physicians
            1. Cardiaologist(perhaps this is an attribute and not a part of the taxonomy)
         3. Nurses
         4. Practitioners
         5. DEA licensed prescription writers (perhaps this is an attribute and not a part of the taxonomy)
      3. Pharmacies
      4. Labs
   3. US High trust Financial framework
   4. Minor's Trust Framework

It should be clear that individual entities have more than one role and so be at more than one node on the tree. The Pharmacy may also be an authorized seller of alcohol registered under some state authority. For any interaction with a user it will be important that the role is clear. What is not clear is how the user should know about the difference between Bartell's the prescription filler and Bartell's the liquor merchant. And it must be clear that the User Experience is the primary metric.

Governmental Solutions

• US NSTIC
• Canadian Digital Identity Ecosystem Principles from the Digital ID & Authentication Council of Canada (DIACC)

References

1. ↑ ^{1.0 1.1} Lily Hay Newman, SNEAKY EXPLOIT ALLOWS PHISHING ATTACKS FROM SITES THAT LOOK SECURE. (2017-04-18) https://www.wired.com/2017/04/sneaky-exploit-allows-phishing-attacks-sites-look-secure/
2. ↑ Barry Schwartz, Google Tests Replacing URL With Site Name In Search Results; Again. (2013-10-21) Search Engine Land https://searchengineland.com/google-tests-replacing-url-with-site-name-in-search-results-again-174663
3. ↑ Lily Hay Newman, Google Want to Kill the URL. Wired (2018-09-04) https://www.wired.com/story/google-wants-to-kill-the-url/
4. ↑ Kate Conger +1, Twitter, Citing Harassment, Bars Agitator and His Website. (2018-09-07) New York Times p. B1ff
5. ↑ Daisuke Wakabayasi, Googles Secrets Revealed (Sort of) (2018-09-06) New York Times P. B1ff
6. ↑ Steve Ragan, Takedown of No-IP by Microsoft impacts 1.8M customers. (2014-07-14) CSO https://www.csoonline.com/article/2449827/business-continuity/takedown-of-no-ip-by-microsoft-impacts-1-8m-customers.html